Journal:International Journal of Computer Trends and Technology
Electronic ISSN:2231-2803
Year of publication:2014
Volume:16
Issue:2
Pages:45-49
Publisher:Seventh Sense Research Group
Abstract:Attackers, in particular botnet controllers, use secret messaging systems to set up large-scale command and control. In order to systematically understand the potential capability of attackers, we investigate the practicability of using the domain name service (DNS) as a stealthy botnet command-and-control channel. We explain and quantitatively analyze several techniques that can be used to effectively hide malicious DNS activities at the network level. Our experimental results make use of a two-month-long 4.8GB campus network dataset and 1 million domain names obtained from alexa.com. We conclude that the DNS-based secret command-and-control channel (in particular the code word mode) can be very powerful for attackers, showing the requirement for further research by defenders in this direction. The resulting statistical analysis of DNS payload as a countermeasure has practical limitations inhibiting its large-scale deployment.